Cybersecurity Certifications That Make a Difference


The security industry is understaffed. By a lot. Previous estimates by the Ponemon Institute suggest as much as 50 percent underemployment for cybersecurity positions. Seventy percent of existing IT security organizations are understaffed and 58 percent say it’s difficult to retain qualified candidates. ESG’s 2017 annual global survey of IT and cybersecurity professionals suggests the biggest shortage of skills [...]

The Old and New: Current Trends in Web-based Threats


Summary In this blog, Unit 42 is sharing analysis and statistics from our Email Link Analysis (ELINK) from the first quarter of 2018 and highlighting interesting findings of current web threats. We will first describe statistical information about CVEs, malicious URLs and Exploit Kits (EKs), then discuss the current life cycle of these web-based threats, and wrap [...]

Is the NIST Cybersecurity Framework Enough to Protect Your Organization?


The National Institute of Standards and Technology (NIST) Cybersecurity Framework, also known as the Framework for Improving Critical Infrastructure Cybersecurity and commonly referred to as CSF, is top of mind for many organizations. Whether driven by the May 2017 Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, the need for a common [...]

Data Is the New Air


In the infancy of any technology, there are going to be teachable moments. Prehistoric man’s mastery of fire didn’t come without a few scorched fingers and the occasional multi-acre conflagration. As a species, our taming of fire and combustion enabled innovations in everything from cooking to metallurgy to transportation, to an array of other endeavors. [...]

Cybersecurity and Privacy Certification from the Ground Up


The European Cybersecurity Act, proposed in 2017 by the European Commission, is the most recent of several policy documents adopted and/or proposed by governments around the world, each with the intent (among other objectives) to bring clarity to cybersecurity certifications for various products and services. The reason why cybersecurity, and most recently privacy, certifications are [...]

Cloud Security Alliance Issues Code of Conduct Self-Assessment and Certification Tools for GDPR Compliance


SEATTLE, WA and LONDON – JUNE 5, 2018 – InfoSecurity Europe Conference – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today released the CSA Code of Conduct (CoC) Self-Assessment. An essential tool for those charged with General Data Privacy Requirements (GDPR) [...]